Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2003-2015 Digital Defense, Inc.DDI_WARFTPD_USER_OVERFLOW.NASL
HistoryJan 22, 2003 - 12:00 a.m.

WarFTPd USER/PASS Command Remote Overflow

2003-01-2200:00:00
This script is Copyright (C) 2003-2015 Digital Defense, Inc.
www.tenable.com
101
JSON

The version of War FTP Daemon running on this host contains a buffer overflow in the code that handles the USER and PASS commands. A potential intruder could use this vulnerability to crash the server, as well as run arbitrary commands on the system.

#
# This script was written by Erik Tayler <[email protected]>
#
# See the Nessus Scripts License for details
#
# Changes by Tenable:
# - Revised plugin title (2/04/2009)


include("compat.inc");

if(description)
{
	script_id(11207);
	script_version("1.18");

	script_cve_id("CVE-1999-0256");
	script_bugtraq_id(10078);
	
	script_name(english:"WarFTPd USER/PASS Command Remote Overflow");
	script_summary(english:"War FTP Daemon USER/PASS Overflow");

	script_set_attribute(attribute:"synopsis", value:
"Arbitrary code can be run on the remote FTP server." );
	script_set_attribute(attribute:"description", value:
"The version of War FTP Daemon running on this host contains a buffer
overflow in the code that handles the USER and PASS commands.  A
potential intruder could use this vulnerability to crash the server,
as well as run arbitrary commands on the system." );
	script_set_attribute(attribute:"solution", value:
"Upgrade to WarFTPd version 1.66x4 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'War-FTPD 1.65 Username Overflow');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"plugin_publication_date", value:
"2003/01/22");
 script_set_attribute(attribute:"vuln_publication_date", value: "1998/03/19");
 script_cvs_date("Date: 2018/06/27 18:42:25");
	script_set_attribute(attribute:"plugin_type", value:"remote");
	script_end_attributes();

	script_category(ACT_GATHER_INFO);
	script_copyright(english:"This script is Copyright (C) 2003-2015 Digital Defense, Inc.");
	script_family(english:"FTP");
	script_dependencies("ftpserver_detect_type_nd_version.nasl");
	script_require_ports("Services/ftp", 21);
	exit(0);
}


include("ftp_func.inc");

port = get_ftp_port(default: 21);

r = get_ftp_banner(port:port);
if (!r) exit(1);

	if(egrep(pattern:"WAR-FTPD 1.([0-5][0-9]|6[0-5])[^0-9]*Ready",string:r, icase:TRUE))
	{
		security_hole(port);
	}

Related

packetstorm 2
openvas 2
cve 2
prion 1
packetstorm
packetstorm
War-FTPD 1.65 Username Overflow
2009-10-30 00:00:00
War-FTPD 1.65 Password Overflow
2009-11-26 00:00:00
openvas
openvas
War FTP Daemon USER/PASS Overflow
2005-11-03 00:00:00
War FTP Daemon USER/PASS Overflow
2005-11-03 00:00:00
cve
cve
CVE-1999-0256
1998-02-01 05:00:00
CVE-2007-1567
2007-03-21 21:19:00
prion
prion
Stack overflow
2007-03-21 21:19:00
JSON
Related for DDI_WARFTPD_USER_OVERFLOW.NASL
packetstorm2openvas2cve2prion1